Outside of MS08-067, what are your best exploits/vulnerabilities that you have seen out in the wild that have the best success rate? Also, does it fall into the categories of vulnerable code, bad coding, unpatched systems, systems with weak/no passwords, lack of physical security, or exploiting the user?